WatchGuard Technologies Water Heater SSL VPN Manuale Utente
Administration Guide
99
Configuring Resources for a User Group
To configure resource access control for a group
1
Click the Access Policy Manager tab.
2
In the right pane, configure the group resources.
3
When the resource is configured, click the resource and drag it to the group in the left pane.
4
To allow or deny a resource, in the left pane, right-click the network resource or application policy
and then click Allow or Deny.
and then click Allow or Deny.
To remove a resource from a user group
1
Click the Access Policy Manager tab.
2
In the left pane, right-click the resource you want to remove and then click Remove.
Defining network resources
Network resources define the locations that authorized users can access. Resource groups are associ-
ated with user groups to form resource access control policies.
ated with user groups to form resource access control policies.
Network topology for resource groups and authentication
.
Suppose that you want to provide a user group with secure access to the following:
• The 10.10.x.x subnet
• The 10.20.10.x subnet
• The IP addresses of 10.50.0.60 and 10.60.0.10
• The 10.20.10.x subnet
• The IP addresses of 10.50.0.60 and 10.60.0.10
To provide that access, create a network resource group by specifying the following IP address/subnet
pairs:
pairs:
10.10.0.0/255.255.0.0
10.20.10.0/255.255.255.0
10.50.0.60/255.255.255.255
10.60.0.10/255.255.255.255
You can specify the mask in Classless Inter Domain Routing (CIDR) notation. For example, in the above
example, you could specify 10.60.0.10/32 for the last entry.
Additional tips for working with resource groups follow.
example, you could specify 10.60.0.10/32 for the last entry.
Additional tips for working with resource groups follow.